Method for preventing original address spoofing attack, device, server and storage medium

A spoofing attack, original address technology, applied in the Internet field, can solve problems such as unusability, poor applicability, and frequent changes in the list of trusted IP addresses, and achieve the effect of preventing spoofing attacks

Active Publication Date: 2021-12-24
北京微步在线科技有限公司
View PDF0 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

Since the list of trusted IP addresses needs to be configured in advance, the applicability of this method is poor
However, when an enterprise uses CDN acceleration, the list of trusted IP addresses changes so frequently that this method cannot be used at all.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for preventing original address spoofing attack, device, server and storage medium
  • Method for preventing original address spoofing attack, device, server and storage medium

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0020] The following will clearly and completely describe the technical solutions in the embodiments of the present invention in conjunction with the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some of the embodiments of the present invention, not all of them. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts fall within the protection scope of the present invention.

[0021] In addition, in order to better illustrate the present invention, numerous specific details are given in the specific embodiments below. It will be understood by those skilled in the art that the present invention may be practiced without certain of the specific details. In some instances, methods, means, components and circuits well known to those skilled in the art have not been described in detail in order to highlight the gist of t...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention discloses a method for preventing original address spoofing attacks, a device, a server and a storage medium. The method includes: when a user terminal initiates an access through a browser, automatically extracting a list of IP addresses that initiate the access according to the access ; Judging whether the IP address in the IP address list is a trusted IP address, wherein the IP addresses that are judged to be the LAN IP address and the user's own IP address in the IP address list are all determined as trusted IP addresses. The remaining IP addresses in the address list are judged by IP address reputation and IP address geographic location to determine whether they are trusted IP addresses, and the determined trusted IP addresses form a trusted IP address list; when the source IP address of the http request is the described When the IP address in the trusted IP address list is selected, the XFF field is extracted, and whether the XFF field is legal is detected. The method automatically processes the traffic, automatically identifies the trusted IP address list, and prevents original address spoofing attacks.

Description

technical field [0001] The invention relates to the Internet, in particular to a method, device, server and storage medium for preventing original address spoofing attacks. Background technique [0002] In the field of the Internet, when a user accesses the WEB server through a browser, when accessing the WEB server through an HTTP (Hyper TextTransfer Protocol) proxy or a load balancing server, an XFF field (also known as XFF Header), where XFF is the abbreviation of X-Forwarded-For, which is used to identify the most original IP (Internet Protocol) address of the client connecting to the Web server through HTTP proxy or load balancing. In layman's terms, it is the IP address of the browser accessing the website. [0003] If there is no XFF or another similar technology, all connections through the proxy server will only display the IP address of the proxy server, rather than the original IP address initiated by the connection. Such a proxy server actually acts as an anonym...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Patents(China)
IPC IPC(8): H04L29/06H04L29/12
CPCH04L63/101H04L63/1483H04L2101/69
Inventor 刘斐然
Owner 北京微步在线科技有限公司
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap